TomatoCart version 1.1.7 suffers from a cross site scripting vulnerability.
0c07814d08fbfa12a47580606c8545fc61df5e12c363b5e7233df9904b3df0a6-------------------------------------------------------------
Name : TomatoCart 1.1.7 XSS
-------------------------------------------------------------
Date : 29.08.2012
-------------------------------------------------------------
Site : www.tomatocart.com
-------------------------------------------------------------
Version : 1.1.7
-------------------------------------------------------------
1) What is it?
This is very nice shopping cart software, You should try it! ;)
2) Type of bug?
XSS
3) Where is the bug?
Try here:
tomatocart/ext/securimage/example_form.ajax.php:39:
new Ajax.Request('<?php echo $_SERVER['PHP_SELF'] ?>',
4) PoC
http://host/with/tomato/ext/secureimage/example_from.ajax.php/"></script><whatever.now>
5) More?
http://hauntit.blogspot.com
http://www.portswigger.org
http://www.tomatocart.com
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed